Quickstart guide for administrators
When the subscription is created, administrators must perform the initial configuration.
Users and accesses are defined via Trustelem, while the Entreprise Vault is managed via a dedicated application.
After that, the work mainly concerns the user lifecycle management: creating or deleting users, unblocking those who need help and finally checking product status and logs.
Trustelem management
Initial setup
The first step when a customer acquires Enterprise Vault is to configure Trustelem. The goal is to define which users will have access to Entreprise Vault and how. These actions are performed by Trustelem administrators.
There are therefore 4 main steps in the setup.
- Add users, created locally or synchronized from directories
- Add Enterprise Vault apps (user + admin)
- Define access rules
- Optionally, define the usable 2nd factors, as well as the enrollment methods
Note: Trustelem administration page should always be secured using multi-factor authentication. To do so you need to enroll a 2nd factor for the admin accounts, then enable multi-factor using the option "Authentication level for Trustelem admin console" on Security settings > General.
Subscription management
When the initial setup is done, Trustelem administration page is still usefull for:
- Managing changes in the setup (new users, new 2nd factors, new enrolment process...)
- Managing user password lost
- Managing advanced features (silent authentication, self-service password reset, siem integration, API automations...)
More information about Trustelem are available here: https://trustelem-doc.wallix.com/books/trustelem-administration - Auditing the authentication
Entreprise Vault setup
In this quickstart guide, a limited action number is presented. To see all the administrators tasks, you can use this link:
https://vault-doc.wallix.com/books/entreprise-vault-administration
Entreprise Vault administration access
To access Entreprise Vault administration page, a Trustelem user must have access to the Entreprise Vault administration application.
By default, the subscription administrator is in the group "Entreprise Vault Admin" which has the access to this app.
To add new Entreprise Vault administrators, the users must be affected to this group.
Entreprise Vault administration page
As mentioned in the previous point, the Entreprise Vault administration is done through an application. So, to access this app the administrators must use their Trustelem dashboard: https://your_domain.trustelem.com.
Manage users
As a reminder, users creation is done through Trustelem admin page and not with Entreprise Vault admin app.
On the Entreprise Vault admin app you can manage:
- The Entreprise Vault users deletion from the Entreprise Vault data base.
It will not remove users fromTrustelem
It will delete all the associated items - The obligation for users to change their master password at the next connection
- The change of user encryption keys
More information are available here: https://vault-doc.wallix.com/books/entreprise-vault-administration/page/administration-application
Manage organization policies
On the Entreprise Vault admin app you can manage the settings applying to the entire company.
You can define rules for the logs, the security, the recovery process...
More information are available here: https://vault-doc.wallix.com/books/entreprise-vault-administration/page/administration-application
Audit the vault
On the Entreprise Vault admin app you can audit user's items, and share vault's items.
More information are available here: https://vault-doc.wallix.com/books/entreprise-vault-administration/page/administration-application
No Comments